43 matches found
Sentry improper error handling leaks Application Integration Client Secret
Impact During routine testing, we identified a scenario where a specific error message generated by our platform could include a plaintext Client ID and Client Secret for an application integration. The Client ID and Client Secret would not be displayed in the UI, but would be returned in the...
CVE-2024-53253
Sentry is an error tracking and performance monitoring platform. Version 24.11.0, and only version 24.11.0, is vulnerable to a scenario where a specific error message generated by the Sentry platform could include a plaintext Client ID and Client Secret for an application integration. The Client ...
CVE-2024-53253 Sentry's improper error handling leaks Application Integration Client Secret
Sentry is an error tracking and performance monitoring platform. Version 24.11.0, and only version 24.11.0, is vulnerable to a scenario where a specific error message generated by the Sentry platform could include a plaintext Client ID and Client Secret for an application integration. The Client ...
[SECURITY] Fedora 40 Update: kf5-frameworkintegration-5.115.0-3.fc40
Framework Integration is a set of plugins responsible for better integration of Qt applications when running on a KDE Plasma workspace. Applications do not need to link to this directly...
CVE-2021-34743
A vulnerability in the application integration feature of Cisco Webex Software could allow an unauthenticated, remote attacker to authorize an external application to integrate with and access a user's account without that user's express consent. This vulnerability is due to improper validation o...
File Upload Vulnerability in Library Cluster Management System of Guangzhou Tutron Computer Software Development Co. Ltd (CNVD-2021-58569)
Guangzhou Tutron Computer Software Development Co., Ltd. is a high-tech enterprise integrating product research and development, application integration and customer service, with the main goal of providing high-quality application software system design, integration and maintenance services for...
File Upload Vulnerability in Library Cluster Management System of Guangzhou Tutron Computer Software Development Co. Ltd (CNVD-2021-52386)
Ltd. is a high-tech enterprise integrating product research and development, application integration and customer service, with the main goal of providing high-quality application software system design, integration and maintenance services for users in the library industry. There is a file uploa...
SQL Injection Vulnerability in Library Cluster Management System of Guangzhou Tutron Computer Software Development Co. Ltd (CNVD-2021-52066)
Ltd. is a high-tech enterprise integrating product research and development, application integration and customer service, with the main goal of providing high-quality application software system design, integration and maintenance services for users in the library industry. There is a SQL...
5 Things to Know About Imperva RASP
Imperva Runtime Application Self-Protection RASP is a server-side security solution for applications, providing application security by default. Here are 5 things to know about Imperva RASP: 1. RASP and a WAF are complementary While a cloud-based web application firewall keeps previously known ba...
The vulnerability of Oracle Siebel’s EAI and SWSE platform’s UI framework allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of Oracle Siebel UI Framework components is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information using the HTTP protocol...
Oracle Siebel CRM Siebel UI Framework Unauthorized Read Vulnerability
Oracle Siebel CRM is the United States Oracle Oracle company's set of customer relationship management solutions. The program includes sales management, marketing management, customer service systems, call center modules. Siebel UI Framework is one of the user interface framework components. A...
The vulnerability of the EAI component of the Siebel UI Framework allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the EAI component of the Siebel UI Framework is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information using the HTTP protocol...
the Crypto Undertaker: Tomb
Tomb aims to be a free and open source system for easy encryption and backup of personal files, written in code that is easy to review and links shared GNU/Linux components. At present, Tomb consists of a simple shell script Zsh using standard filesystem tools GNU and the cryptographic API of the...
CVE-2016-5468
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality and integrity via vectors related to EAI, a different vulnerability than CVE-2016-5451...
CVE-2016-5451
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality and integrity via vectors related to EAI, a different vulnerability than CVE-2016-5468...
Unspecified Vulnerability in Oracle Siebel CRM Siebel UI Framework Component (CNVD-2016-05472)
Oracle Siebel CRM is the United States Oracle Oracle company's set of customer relationship management solutions , which includes sales management , marketing management , customer service systems , call centers and other modules.Siebel UI Framework is one of the framework components based on the...
Unspecified Vulnerability in Oracle Siebel CRM Siebel UI Framework Component (CNVD-2016-05471)
Oracle Siebel CRM is the United States Oracle Oracle company's set of customer relationship management solutions , which includes sales management , marketing management , customer service systems , call centers and other modules.Siebel UI Framework is one of the framework components based on the...
MAS China Mobile Proxy Server SQL Injection Vulnerability
WAS China Mobile Proxy Server is a gateway that is deployed within the Intranet of group customers for application coupling with their OA, ERP, CRP and other application systems in order to satisfy the informatization needs of group customers who have a high degree of informatization to realize...
Unspecified Vulnerability in Oracle Siebel Core-EAI Component
Oracle Siebel is a customer relationship management software. A security vulnerability in the Integration Business Services subcomponent of the Oracle Siebel Core EAI component allows remote attackers to exploit the vulnerability to affect system availability...
CVE-2013-2413
Unspecified vulnerability in the Siebel Enterprise Application Integration component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Web Services...